app & browser control cannot id problem app

Topic

New Reply

I got a notification that “app & browser control” had found a suspect app. When I clicked on the yellow triangle there were 2 items to review. When clicking on either of the items a small pop up came in view and wanted to know if I wanted to allow the app to make changes to my computer. It did not id the suspect app so I clicked “no”. Is there any way to find out what app triggered the warning?  When I clicked on “show more details” I was shown what appeared to be a certificate signed by Microsoft. Win 10 Pro version 2004

Reply | Quote

Replies

Can you post screenshots of the notifications?
(save the screenshot as PNG and attach via the “select file” button)

cheers, Paul

Reply | Quote

Here is the screenshot of the notification:     Thanks  for  your help  CT47

Reply | Quote

Check at Settings, Update & Security, Windows Security, App & browser control, Reputation-based protection settings, Protection history, Filters, Blocked actions, Blocked items which should show “This app has been blocked” with date, time; and then reason, filename and origin when clicked.

Reply | Quote

Thanks for your reply. When I select the items in your reply and get to the last one “blocked items” and click on it I get the same screen as in above reply to Paul T. The screenshot is also attached to this posting.   CT47

Reply | Quote

[Bob99]

I’ve seen these before.

If you click each listing individually on that screen, that is supposed to bring up a more detailed explanation of what’s going on with that “potentially unwanted app”. At least that’s the way it worked for me on 2004. After clicking the little description, it told me what was going on and it included the exact file name of the app that was blocked. I then had an option to allow the app to execute in the future or to have it blocked from now on.

Please post a screenshot of the screen that you’re presented with immediately after clicking on one of those notifications that has the yellow triangles with the exclamation point on it. From what you’ve posted above, it sounds like you’re not being presented with the same-ish screen that I was presented with. Seeing what you’re presented with will enable folks here to better help you.

By the way, in my case above, it was a legitimate app that had been blocked, and I chose to allow it to run from now on. The app is a drive utility from my SSD’s manufacturer, Western Digital!

 

• This reply was modified 4 years, 5 months ago by Bob99.
• This reply was modified 4 years, 5 months ago by Bob99.

Reply | Quote

Thank you for your reply. Unfortunately I cannot get print screen to work beyond screen that shows the items with the yellow triangles. Once you get to the user account control screen you can press the print screen key but nothing gets copied.But I did accidentally get my problem solved.I was mucking about in “update & security” and decided to look at everything. I started at the top in “windows security”. In the list under Protection areas I clicked on :

“Virus & Threat Protection” even though it had a check mark in a green dot. There were 2 items listed:

PUA:WIN32/ASK TOOLBAR   12-29-20  4:56 pm (active)

PUA:WIN32/CREPROTE 12-18-20 4:41 pm (active)

I googled the items and came back and selected  “start recomended action”. Forgot to take a screen shot but I have a shot of the results. See attached. Thank you for your help

CT47

 

Reply | Quote

CT47 wrote:

When I select the items in your reply and get to the last one “blocked items” and click on it I get the same screen as in above reply to Paul T.

b wrote:

Blocked items which should show “This app has been blocked” with date, time; and then reason, filename and origin when clicked.

How to View Protection History of Microsoft Defender Antivirus in Windows 10

Reply | Quote

Reputation based protection is off by default. Is there a reason you have it on?

cheers, Paul

Reply | Quote

It’s on by default for enterprise devices:

⚠ Note

Potentially unwanted applications (PUA) are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software which might be unexpected or unwanted. By default in Windows 10 (version 2004 and later), Microsoft Defender Antivirus blocks apps that are considered PUA, for Enterprise (E5) devices.

Detect and block potentially unwanted applications

And recommended by Microsoft for everyone else:

We recommend that you turn this feature on, and that you enable both block apps and block downloads.

Protect your PC from potentially unwanted applications

Reply | Quote

[bbearren]

Paul T wrote:

Reputation based protection is off by default.

In all of my installations (Windows 10 Pro Version 20H2 (OS Build 19042.685) the default condition is on.

Always create a fresh drive image before making system changes/Windows updates; you may need to start over!

We all have our own reasons for doing the things that we do with our systems; we don't need anyone's approval, and we don't all have to do the same things.

We were all once "Average Users".

Computer Specs

• This reply was modified 4 years, 5 months ago by bbearren. Reason: clarity

Reply | Quote

I want to thank all that offered help with my request. I have written several times needing help with something. Always got good advice and suggestions. See my reply to bob99 for the outcome of this problem. Thanks to all.
CT47

Reply | Quote

[Paul T]

You can use Sketch and Snip Snip and Sketch (built-in) to take screenshots – much more flexible.

cheers, Paul

• This reply was modified 4 years, 5 months ago by Paul T.

Reply | Quote